Bugtraq, I've been following this posting on the exploitation of the Win32 API with interest. I think that Chris was correct in saying the following in his original posting:

5) This is not a bug. This is a new class of vulnerabilities, like a buffer overflow attack or a format string attack. As such, there is no specific vendor to inform, since it affects every software maker who writes products for the Windows platform. A co-ordinated release with every software vendor on the planet is impossible.

I think the point has been made that there are ways to fix this problem, but the point is, this is a very real way of exploiting poorly written applications. It's no different than exploiting, as he said, a buffer overflow or format string vulnerability, of which there are plenty throughout the Internet. Though there may be a way to prevent these vulnerabilities, the same could be said for, say, a buffer overflow, and yet they're found all over the place.

I think Chris has a valid point in bringing this forward, and it's something that every Win32 programmer should take into account while trying to write secure applications. This is a topic that needed to be addressed.

-Bryan

P.S. I think it'd be interesting to see how many (if any) Microsoft programs are affected by this type of vulnerability, even though they "have known about these vulnerabilities for some time".
This archive was generated by hypermail 2b30 : Wed Aug 07 2002 - 11:34:46 PDT